[Openstack-security] [openstack/glance] SecurityImpact review request change I47229b366c25367ec1bd48aec684e0880f3dfe60
gerrit2 at review.openstack.org
gerrit2 at review.openstack.org
Wed Jan 14 23:14:11 UTC 2015
Hi, I'd like you to take a look at this patch for potential
SecurityImpact.
https://review.openstack.org/144464
Log:
commit a9733d85876436add23e765a73b80988ac80b162
Author: Zhi Yan Liu <zhiyanl at cn.ibm.com>
Date: Tue Dec 30 22:25:50 2014 +0800
Cleanup chunks for deleted image that was 'saving'
Currently image data cannot be removed synchronously for an image that
is in saving state. And when, the upload operation for such an image is
completed the operator configured quota can be exceeded.
This patch fixes the issue of left over chunks for an image which was
deleted from saving status. However, by the limitation of the design we
cannot enforce a global quota check for the image in saving status.
This change introduces a inconsonance between http response codes of
v1 and v2 APIs. The status codes which we will now see after the upload
process completes on an image which was deleted mid way are:
v1: 412 Precondition Failed
v2: 410 Gone
SecurityImpact
UpgradeImpact
APIImpact
Closes-Bug: #1383973
Partial-Bug: #1398830
Change-Id: I47229b366c25367ec1bd48aec684e0880f3dfe60
Signed-off-by: Zhi Yan Liu <zhiyanl at cn.ibm.com>
More information about the Openstack-security
mailing list